package com.powernode.config;

import com.powernode.handler.AppAccessDeniedHandler;
import com.powernode.handler.AppAuthenticationFailureHandler;
import com.powernode.handler.AppAuthenticationSuccessHandler;
import com.powernode.handler.AppLogoutSuccessHandler;
import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class MySecurityConfiguration {
    @Resource
    private AppAuthenticationSuccessHandler appAuthenticationSuccessHandler;
    @Resource
    private AppAuthenticationFailureHandler appAuthenticationFailureHandler;
    @Resource
    private AppAccessDeniedHandler appAccessDeniedHandler;
    @Resource
    private AppLogoutSuccessHandler appLogoutSuccessHandler;
    /**
     * 配置安全过滤器链
     * @param httpSecurity
     * @return
     * @throws Exception
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        // 配置没有权限的handler
        httpSecurity.exceptionHandling(handler->handler.accessDeniedHandler(appAccessDeniedHandler));
        // 配置成功和失败的handler
        httpSecurity.formLogin(handler->handler.successHandler(appAuthenticationSuccessHandler).failureHandler(appAuthenticationFailureHandler));
        // 配置登出的handler
        httpSecurity.logout(handler->handler.logoutSuccessHandler(appLogoutSuccessHandler));
        return httpSecurity.build();
    }
}
